CNNVD-202507-3336 Information

CNNVD ID

CNNVD-202507-3336

Related CVE

CVE-2025-52448

• CNNVD Published: 2025-07-25

Description (Chinese)

Salesforce Tableau Server是Salesforce公司的一个数据可视化分析平台。 Salesforce Tableau Server 2025.1.3之前版本、2024.2.12之前版本和2023.3.19之前版本存在安全漏洞，该漏洞源于validate-initial-sql接口验证不足，可能导致授权绕过。

Description (English)

Salesforce Tableau Server is a data visualization analysis platform for Salesforce. There is a security loophole in previous editions of Salesforce Tableau Server 2025.1.3, 2024.2.12 and 2023.3.19, which stems from inadequate validation of the Validate-initial-sql interface, which may result in the authorization being bypassed.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Salesforce

Published

2025-07-25

Last Modified

2026-02-24

References

https://help.salesforce.com/s/articleView?id=005105043&type=1 https://access.redhat.com/security/cve/cve-2025-52448

Patch

https://www.tableau.com/support/releases/server